Executive Briefing November 3, 2017

VFI Webinar – Thursday Nov. 9 10:00-10:45 AM

To honor Veteran’s Day, we’re proud to be hosting a webinar with Microsoft VP of Military Affairs Chris Cortez, a retired U.S. Marine Corps Major General who now leads Microsoft’s military group. He’ll talk about how Microsoft engages with veterans and active service personnel, and share leadership lessons from his career. RSVP NOW

HILL UPDATE

Lawmakers on Wednesday released a trove of ads that Russian operatives bought on Facebook, providing the fullest picture yet of how foreign actors sought to promote Republican Donald Trump, denigrate Democrat Hillary Clinton and divide Americans over some of the nation’s most sensitive social issues.

Senators from both parties took tech company officials to task in a hearing Wednesday for failing to better identify, defuse and investigate Russia’s campaign to manipulate American voters over social media during the 2016 presidential campaign. In the second of three Capitol Hill hearings this week on Russian’s online information operation, members of the Senate intelligence committee challenged Facebook, Google and Twitter in strikingly direct terms that, at times, seemed to carry the implicit threat of legislation that could reign in the nation’s wildly profitable technology industry.

The Senate Intelligence Committee last week advanced a bill that renews a powerful surveillance authority enabling the government to collect foreign intelligence on U.S. soil. The 12-to-3 vote reflected divisions on the panel over whether and how to strengthen privacy protections in the law, known as Section 702 of the FISA Amendments Act. And it shows that a path to renewing the authority, which expires at the end of the year, is anything but clear in the Senate.

ARTICLE SUMMARY

In this Issue Brief, Jennifer Daskal analyzes the issues and interests at stake in the United States v. Microsoft Corp. case now pending before the U.S. Supreme Court, and concludes that they are matters more appropriately resolved by Congress, not the judiciary. The heart of the problem, Daskal explains, is that the Stored Communications Act, which regulates the disclosure of electronic communications such as email, was passed more than twenty years ago, before there was a globally connected Internet, and the statute is silent as to its territorial reach. In the “Microsoft Ireland case,” the government seeks access to emails stored on a server in Dublin, and Microsoft contends that the government’s request is an illegitimate use of its warrant authority, since the data is located overseas.

The Irish Times published a piece examining the U.S. Supreme Court’s decision to grant cert in Microsoft’s warrant case, noting this to be the first major post-Snowden case to come before the court involving a company refusing to comply with government demands for data. The article briefly notes questions about whether hearing the case “is a misguided use of the Supreme Court’s valuable time” since a ruling might only apply narrowly and will be obsolete should Congress pass ICPA, resolving the issue. The piece also explores the global implications of cross-border access to cloud data, noting the case will be followed closely by business and privacy advocates worldwide.

PEW Charitable Trusts Stateline Blog Michigan Governor Signs Volunteer Cyber Corps Bill
With the new law, called the Cyber Civilian Corps Act, the team is now designated in statute and doesn’t need a state of emergency to be called into action. That means it can step in, when requested, and provide technical assistance if the state gets hit by a cyberattack or data breach. The law also broadens the team’s reach to allow it to help local governments, nonprofits and businesses across the state. Michigan officials hope the volunteer corps of cybersecurity experts from government, education and private industry, which is believed to be the first such group in the U.S., can serve as a national model. They liken it to volunteer firefighters.

Google, Microsoft and Facebook are among more than 100 tech companies banding together to mount a legal challenge to President Donald Trump’s effort to end DACA. The companies filed a brief Wednesday in support of Deferred Action for Childhood Arrivals, or DACA, which offers protection to undocumented immigrants who came to the US as children, sometimes referred to as Dreamers. The Trump administration said in September it would end the Obama-era program, which lets immigrants brought to the US illegally as children before 2007 stay without fear of deportation.

New York Law Journal published a piece by Philip C. Patterson and Vera M. Kachnowski, attorneys at De Feis O’Connell & Rose, P.C., examining the Supreme Court’s decision to grant cert in Microsoft’s warrant case. Patterson and Kachnowski analyze the case highlights a recurring tension between public safety and privacy concerns and note that the Supreme Court will have to consider the application of the Stored Communications Act (SCA) across borders. The two detail that it seems unlikely Congress intended the SCA to reach abroad, and note that perhaps the best starting point for a legislation solution would be to focus on a ”users” nationality and residence, rather than the location of their data.”

A vital surveillance program expires at the end of the year. If Congress fails to act before then, the intelligence community will lose one of its most critical counterterrorism tools. But if it follows the Trump administration’s request and makes the program permanent without change, Americans’ privacy could be endangered. We urge Congress to add important privacy protections.

ONE OF THE biggest cases for the US Supreme Court’s current term could mark a watershed moment for the Fourth Amendment. In Carpenter v. United States, the court will consider whether police need probable cause to get a search warrant to access cell site location information (CSLI), data that’s automatically generated whenever a mobile phone connects to a cell tower. Not only does this case offer a chance to protect privacy rights for cell phones, Carpenter also provides an opportunity to reevaluate an antiquated legal theory, called the third-party doctrine, that underpins many government surveillance programs.

THINK TANK/TECH TRADE ASSOCIATION HIGHLIGHTS

American Enterprise Institute (AEI)

Blog post on Google’s Project Loon: Visiting fellow Daniel Lyons asked, “Why is Google so interested in providing connectivity in dead zones? There’s a public relations benefit, of course, and gains from experimenting with innovative new technologies and business models. But partly, it’s the good, old-fashioned profit motive at work. More people online means more people using Google’s services and available for monetization.” He added, “It would be foolish for the government to block Project Loon from bringing important connectivity to a disadvantaged population simply because it does not provide complete, unfettered access to all internet-based content and services.”(AEI BLOG – Rethinking broadband access, Google balloons help rescue Puerto Rico, By Daniel Lyons, October 26, 2017)

Blog post on ICPA: “The Fourth Amendment requires government officials to get a warrant to search citizens’ private property, but as technologies and times change, government will inevitably do its best to creep into areas when it has no right,” Executive director Katie McAuliffe wrote. “When you give government an inch, it does all it can to stretch and squeeze its way past its limits, but passing the ICPA would create certainty and a detailed process by which the government could no longer hide behind vague, out-of-date policy.” (ATR BLOG – ICPA: Warrant Required for Email Content, By Katie McAuliffe, October 25, 2017)

Letter to Congress supporting ICPA: ATR, with FreedomWorks, Competitive Enterprise Institute and other groupssent a letter to the leaders of the Senate and House Judiciary Committees urging “to expedite committee consideration” of ICPA, according to POLITICO. (POLITICO MORNING TECH – Conservative Groups Champion ICPA, By Li Zhou, October 25, 2017)

Blog post on open source code: Katie McAuliffe argued, “Requiring the Department of Defense use open source code for unclassified software as the preferred programming source code will adversely impact intellectual property rights and violate long-standing technology neutral procurement policies.” She added, “Preferring open source code also creates a likely ‘front-door’ opportunity for our nation’s enemies to infiltrate some of our most strategic systems.” (ATR BLOG POST – Open Source Code Would Make DoD Vulnerable, By Katie McAuliffe, October 23, 2017)

Blog post on EU digital tax proposals: International affairs associate Kevin Adams wrote, “In recent weeks the European Commission has been discussing proposals to raise taxes on digital firms that operate within the European Union. The move is aimed mostly at Google, Apple, Facebook, and Amazon.” He added, “Any proposal is likely to receive backlash from low-tax EU member states, eventually leading to procedural hurdles in adopting EU law.” (ATR BLOG – EU Takes Aim at Tech Giants with Revamped Digital Tax Proposals, By Kevin Adams, October 31, 2017)

Aspen Institute

Blog post on workforce development: “We need a workforce development system that meets the needs of independent workers, and helps disrupted workers connect to independent work opportunities,” associate director Ethan Pollack and intern Hilary Greenberg wrote. They added, “The workforce development system should be modernized to incorporate nontraditional forms of work.” (ASPEN BLOG – GAO: The workforce development system does not adequately prepare workers for independent work, By Ethan Pollack & Hilary Greenberg, October 26, 2017)

Press release announcing artificial intelligence policy principles: ITI “released the first industry-wide policy principles on Artificial Intelligence (AI). These principles will serve as an important guide for industry and governments to ensure AI’s responsible growth and deployment as society realizes the full benefits of this life-changing technology.” (ITI PRESS RELEASE – ITI Unveils First Industry-Wide Artificial Intelligence Policy Principles, October 24, 2017)

Information Technology & Innovation Foundation (ITIF)

Blog post on industrial IoT policy strategy: Vice president Stephen Ezell wrote, “An effective national IIoT strategy should address what ITIF calls the 4 Ts: Talent, Technology, Tax, and Trade.” He added, “Without an IIoT strategy, businesses will be at a disadvantage in the global marketplace. For example, companies in a country slower to adopt this technology, through no fault of their own, will be forced to compete with comparatively sluggish supply chains.” (ITIF BLOG – The Four Ts of an Effective Strategy for the Industrial Internet of Things, By Stephen Ezell, October 26, 2017)

New America

Medium post on the future of technology policy: Alan Davidsonwrote that “policy challenges have exposed gaps in our collective ability to keep pace with change and to make thoughtful decisions about the social implications of new technology.” He added, “They also draw attention to an opportunity: to improve the programming in schools, higher education, and other skill-building programs to train a next generation with the capacity to fill these gaps.” (MEDIUM – Building our Technology Policy Future, By Alan Davidson, October 20, 2017)

NOTABLE QUOTES

“Yet, in another twist, if the court finds in favour of the US government, legal experts say the decision will apply only narrowly, to the 1986 SCA. Were Congress to introduce new legislation to amend the act and clarify access– and a bipartisan Bill already has been put forward – it would resolve the issue without the need for what’s likely to be a short-term Supreme Court decision. Microsoft and many other tech companies have been pushing Congress to do exactly this.”

“The Fourth Amendment of our Constitution provides basic privacy rights for all Americans. I believe the Supreme Court has been clear that in order to access the content of an American’s communications, the government is required to get a probable cause warrant. The same standard should apply to Section 702.”

“The government should be fighting to secure computers — not to hack them or to stockpile exploit codes that can be lost or stolen, and then misused and abused. As we told the Ninth Circuit, the Fourth Amendment needs to protect the public’s privacy and security. Secretive and unregulated government hacking endangers both.”

“This broad threat to fundamental parts of American society poses a serious danger to national security as well as individual privacy. Increasingly, a number of former senior law enforcement and national security officials have come out strongly in support of end-to-end encryption and strong device protection (much like the kind Apple has been developing), which can protect against hacking and other data theft incidents. As technology changes, the jobs of police and intelligence workers must also change.”

“The true heart of this problem isn’t actions by Microsoft or the Supreme Court, it’s Congress’s adherence to outdated laws. The Microsoft dispute would be easily resolved by passing the International Communications Privacy Act (ICPA), which would update our laws to match the technologies of the time… Passing ICPA would eliminate massive potential for judicial overreach, establish clarity in outdated rules, and avoid costly legal expenses for private companies and government officials.”

“While the Trump administration has indicated it will not support certain provisions like a warrant requirement, it may ultimately be difficult to veto any reform bill that makes its way through both chambers. According to that same House aide, while it’s not yet clear how far reform will go, there is general alignment within majorities in both chambers on the need for reform.”

“If America’s biggest businesses step up and tell Congress that the privacy of non-Americans matter, that reform bills like the Liberty Act must contain improvements in transparency, redress, and minimization for everyone, not just Americans, they’ll get an audience in Washington… Staying quiet sends another signal entirely: that while they might prefer a world where the law protects their foreign customers, they’re unwilling to make a noise to make that world a reality.”

“Encryption serves a valuable purpose. It is a foundational element of data security and essential to safeguarding data against cyber-attacks. It is critical to the growth and flourishing of the digital economy, and we support it. I support strong and responsible encryption… I simply maintain that companies should retain the capability to provide the government unencrypted copies of communications and data stored on devices, when a court orders them to do so.”

“Going straight to reading the content of private communications without a warrant is an end-run around the Fourth Amendment… Think about it. Would you want the government reading your emails or listening to your phone calls, just because someone called the FBI and said you looked suspicious?”

“In our view, it is unreasonable under the Fourth Amendment to compile large intelligence files on Americans with no case-by-case judicial supervision. While obtaining court approval can be burdensome and time consuming, the effort will be worth it if it protects Americans’ privacy rights.”

“Stakeholders affected by the Microsoft decision agree that serious competing policy considerations must be weighed to align the SCA with modern technology and the increasing importance of digital evidence to law enforcement—not just in the United States, but worldwide. Indeed, any legislative remedies must take into account the parallel data requests made by foreign governments and the potentially conflicting international compliance demanded of service providers.”